Turn any codebase or binary into a queryable, interactive knowledge graph — right inside VS Code.
What Is CodeGraph?
CodeGraph Tools is the only VS Code extension that bridges source-code semantic analysis with Ghidra binary reverse-engineering in a single workflow.
- Point it at a source folder → get an interactive HTML graph of every module, class, function, and their relationships.
- Point it at a compiled binary → Ghidra decompiles it, CodeGraph maps symbols back to your source, flags vulnerabilities, and shows you exactly what changed between builds.
- Ask natural-language questions against the graph via GraphRAG — no context-window limits.
Key Features
🔍 Source Code Analysis
- AST-based extraction via tree-sitter (Python, JS, TS, Go, C, C++, Rust, Java)
- Semantic clustering — groups related functions/classes by call patterns and data flow
- Interactive graph viewer — pan, zoom, filter, hover for docstrings
- Incremental rebuild — only re-analyzes changed files on save (watch mode)
- GraphRAG queries — ask "which modules touch authentication?" and get ranked answers
🛡️ Binary Analysis & Reverse Engineering (Ghidra Integration)
- One-click Ghidra analysis from the VS Code command palette
- Symbol → source matching — maps decompiled Ghidra symbols back to your repo
- Binary diff —
CodeGraph: What Changed in Binary Diff? shows semantic diff between two builds
- Vulnerability surface — flags functions with unsafe patterns (buffer ops, crypto, network I/O)
- Works with
.exe, .dll, .so, .elf, .bin
⚡ AI / LLM Productivity
- Benchmark command — measures token reduction when using GraphRAG vs. raw source dumps
- Copilot / Codex / Claude skill installer — one command to teach your AI assistant your codebase graph
- Explain Node — ask CodeGraph to explain any node using your local graph context
Quick Start
1. Install the extension
Search CodeGraph Tools in the VS Code Extensions panel, or:
ext install codegraph-tools.codegraph-vscode
2. Install the Python engine
Open the Command Palette (Ctrl+Shift+P) and run:
CodeGraph: Install Skill (Copilot/Codex/Claude)
Or install manually:
pip install graphifyy
3. Analyze your code
- Right-click any folder in the Explorer → CodeGraph: Analyze This Folder
- Or press
Ctrl+Shift+G
The interactive graph opens automatically in your browser.
4. Query the graph
Press Ctrl+Shift+Q and ask anything:
Which modules are most connected to the auth system?
What calls into the database layer?
Show me all functions that handle file I/O.
5. Analyze a binary with Ghidra
Open the Command Palette and run:
CodeGraph: Analyze Binary with Ghidra
Select your .exe / .so / .elf — Ghidra runs headlessly, results appear in the Ghidra Symbols panel with source links.
Commands Reference
| Command |
Shortcut |
Description |
CodeGraph: Analyze This Folder |
Ctrl+Shift+G |
Full graph build of selected folder |
CodeGraph: Update Graph (incremental) |
— |
Rebuild only changed files |
CodeGraph: Query the Graph |
Ctrl+Shift+Q |
Natural-language GraphRAG query |
CodeGraph: Open Graph Viewer |
— |
Open the last generated graph HTML |
CodeGraph: Analyze Binary with Ghidra |
— |
Ghidra headless analysis of a binary |
CodeGraph: What Changed in Binary Diff? |
— |
Semantic diff between two builds |
CodeGraph: Match Ghidra Symbol to Source |
— |
Map decompiled symbol → source file/line |
CodeGraph: Benchmark Token Reduction |
Ctrl+Shift+B |
Measure GraphRAG compression ratio |
CodeGraph: Install Skill |
— |
Install graph context into Copilot/Claude |
Requirements
| Requirement |
Notes |
VS Code ^1.85 |
Required |
Python 3.9+ |
Required for analysis engine |
pip install graphifyy |
Python analysis library |
| Ghidra |
Optional — only needed for binary analysis |
GHIDRA_INSTALL_DIR env var |
Set to Ghidra install path for binary features |
Extension Settings
| Setting |
Default |
Description |
codegraph.pythonPath |
"python" |
Path to Python executable |
codegraph.mode |
"fast" |
fast (AST only) or deep (AST + LLM) |
codegraph.autoOpenGraph |
true |
Auto-open graph after analysis |
codegraph.outputDir |
"CodeGraph-out" |
Output folder name |
codegraph.ghidraEnabled |
true |
Enable Ghidra binary analysis commands |
codegraph.watchOnSave |
true |
Rebuild graph on file save |
codegraph.watchDebounceMs |
2000 |
Debounce delay before rebuild (ms) |
Use Cases
Security Engineers & Malware Analysts
- Decompile suspicious binaries with Ghidra from inside VS Code
- Map decompiled symbols to known-safe source patterns
- Diff two versions of a binary to see what was patched (or backdoored)
- Visualize attack surface: all functions touching network, crypto, or file I/O
Software Architects
- Instantly visualize dependency sprawl in large monorepos
- Find circular dependencies and tightly-coupled modules
- Export GraphRAG JSON for LLM-assisted architecture review
AI / LLM Developers
- Install a graph "skill" into Copilot or Claude that represents your entire codebase
- Use the benchmark command to measure how much token cost you save with graph compression
- Query the graph instead of pasting raw source into prompts
Legacy Code Archaeology
- Build a semantic map of undocumented codebases
- Ask "what does this module actually do?" and get graph-grounded answers
- Trace call paths between any two nodes interactively
Output Files
After analysis, CodeGraph-out/ contains:
| File |
Description |
graph.html |
Interactive force-directed graph (opens in browser) |
graph.json |
GraphRAG-compatible semantic graph |
audit_report.md |
Auto-generated architecture audit |
communities.json |
Module community clusters |
snapshot_<timestamp>.json |
Point-in-time snapshot for diffing |
Contributing
PRs welcome! See CONTRIBUTING.md for guidelines.
License
MIT — see LICENSE.
CodeGraph Tools is not affiliated with the NSA or the Ghidra project. Ghidra is a free and open-source reverse engineering tool developed by the NSA Research Directorate.
